Description

BACKGROUND OF THE INVENTION 

1. Field of the Invention

The present invention relates to an apparatus and method for secure distribution of data. More particularly, the present invention relates to an apparatus and method for secure distribution of software, software updates, and configuration data.

2. Description of Related Art 

In today's business environment data is one of the most valuable resources required for maintaining a competitive edge. As a result businesses must often be able to maintain data confidentiality, readily determine the authenticity of data, and closely control access to data. As used herein, the term "data" means a representation of facts, concepts or instructions in a formalized manner suitable for communication, interpretation, or processing by human or automatic means, including, but not limited to, software, software updates, and configuration data.

Data systems commonly consist of many types and sizes of computer systems that are interconnected through many different electronic data networks. It is now common for an organization to interconnect its data systems with systems that belong to customers, vendors, and competitors. Larger organizations might include international operations, or they might provide continual services. For purposes herein, "computer" includes a device capable of performing the functions of a Turing Machine, including a microcomputer, minicomputer, or mainframe computer. A Turing Machine is a well-known computer science concept and is explained in Encyclopedia of Computer Science, Ed. Anthony Ralston, ISBN 0-88405-321-0, which is specifically incorporated herein by reference. "Memory" includes a device or devices for storing data for use by a computer, including electronic, magnetic, and electro-magnetic memory.

A combination of elements must work together to achieve a more secure environment. A security policy, based on an appraisal of the value of the data and potential threats to that data

Security functions can be categorized as follows:

* Identification and authentication. Identifies users to the system and provides proof that they are who they claim to be.

* Access control. Determines which users can access which resources.

* Data confidentiality. Protects an organization's sensitive data from unauthorized disclosure.

* Data integrity. Ensures that data is in its original form and that it has not been altered.

* Security management. Administers, controls, and reviews a business' security policy.

* Nonrepudiation. Assures that the message

Cryptography includes a set of techniques for scrambling or disguising data so that it is available only to those who can restore the data to its original form. It is the basis for keeping data confidential and for verifying data integrity. Cryptography: A New Dimension in Computer Data Security - A Guide for the Design and Implementation of Secure Systems, by Carl H. Meyer and Stephen M. Matyas, ISBN 0-471-04892-5, John Wiley & Sons, Inc. (1982), is a classic text on the design and implementation of cryptographic systems, which is specifically incorporated herein by reference.

For commercial business applications, the cryptographic process known as the Data Encryption Algorithm (DEA) has been widely adopted. The Data Encryption Standard (DES), as well as other documents, defines how to use the DEA to encipher data. Federal Information Processing Standards Publication 46, which defines DES, is reprinted in the Meyer & Matyas text. Many other processes for concealing data, such as protection of passwords and personal identification numbers (PINs), are based on the DES algorithm.

The DES algorithm uses a key when it processes the data. A DES key is a very small piece of data (56 bits) that is normally retained in 8 bytes. The same key is used to transform the original data and to restore the enciphered data to its original form. Because the DES algorithm is common knowledge, one must keep the key secret to make the data confidential; otherwise, someone who has the key that one used to encipher the data can decipher it. Key management refers to the procedures that are used to keep keys secret.

To confirm the integrity of data, one can use the DES algorithm to compute a message authentication code (MAC). Used in this way the DES algorithm is a powerful tool; it is almost impossible to meaningfully modify the data and still have it produce the same MAC for a given key. The standardized approaches authenticate data such as financial transactions, passwords, and computer programs.

After the MAC has been computed, it is sent with the data. To authenticate the data, the recipient uses the same key to recompute the MAC; the system then compares the recomputed MAC with the one that was sent. Someone could, of course, change both the data and the MAC; therefore, the key that is used to compute the MAC must be kept secret between the MAC's originator and the MAC's authenticator.

An alternative approach to data integrity checking uses a standard key value and multiple iterations of the DES algorithm to generate a modification detection code (MDC). In this approach to data integrity checking, the MDC must be received from a trusted source. The person who wants to authenticate the data recomputes the MDC and compares the result with the MDC that was sent with the data.
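As an added illustration (not from the patent), the difference between the keyed MAC and the unkeyed MDC just described, using HMAC-SHA256 in place of the DES-based MAC and SHA-256 in place of the DES-based MDC; the key and the transaction strings are constructed for this example. The code makes the point the text makes: a modifier without the key cannot make an altered message verify under the MAC, while an MDC that travels over the same channel as the data can simply be recomputed, which is why the MDC must come from a trusted source.

```python
"""Added example: keyed MAC versus unkeyed MDC integrity checks.
Stand-ins: HMAC-SHA256 for the DES-based MAC, SHA-256 for the DES-based MDC."""
import hashlib
import hmac

KEY = b"constructed-demo-mac-key"         # secret shared by originator and authenticator (constructed)
ORIGINAL = b"PAY 100.00 TO ACCT 12345"   # constructed sample transaction
ALTERED = b"PAY 900.00 TO ACCT 99999"    # the same record after an unauthorized change


def compute_mac(key: bytes, data: bytes) -> bytes:
    """Keyed MAC: only a holder of `key` can produce a code that verifies."""
    return hmac.new(key, data, hashlib.sha256).digest()


def verify_mac(key: bytes, data: bytes, mac: bytes) -> bool:
    """Recompute the MAC with the shared key and compare in constant time."""
    return hmac.compare_digest(compute_mac(key, data), mac)


def compute_mdc(data: bytes) -> bytes:
    """Unkeyed MDC: anyone can compute it, so the reference value needs a trusted source."""
    return hashlib.sha256(data).digest()


def verify_mdc(data: bytes, mdc: bytes) -> bool:
    """Recompute the MDC over the received data and compare with the reference value."""
    return hmac.compare_digest(compute_mdc(data), mdc)


def mac_detects_modification() -> bool:
    """MAC computed by the originator over ORIGINAL; the data is then altered in transit.
    Without KEY the modifier cannot produce a matching MAC, so verification fails (False)."""
    mac_sent = compute_mac(KEY, ORIGINAL)
    return verify_mac(KEY, ALTERED, mac_sent)


def mdc_over_untrusted_channel() -> bool:
    """MDC sent over the same untrusted channel as the data: the modifier recomputes it
    over ALTERED and the check passes (True), so the modification goes undetected."""
    mdc_sent = compute_mdc(ALTERED)          # recomputed by whoever altered the data
    return verify_mdc(ALTERED, mdc_sent)


def mdc_from_trusted_source() -> bool:
    """Reference MDC obtained out of band from the trusted source: the altered data
    no longer matches it, so verification fails (False)."""
    trusted_mdc = compute_mdc(ORIGINAL)
    return verify_mdc(ALTERED, trusted_mdc)
```

The constant-time comparison (`hmac.compare_digest`) is the one detail a verifier should not skip; a plain `==` on the code leaks timing that narrows a forgery search.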

Because the DES algorithm has been used for many years, its strength has been well demonstrated. Both software and specialized hardware can implement the DES algorithm. A hardware solution is often desirable for the following:

* the algorithm requires many computer instructions to be processed

* the keys must be protected so that they can remain secret

* performance can be improved

If a data security threat comes from an external source, a software solution may be sufficient; unfortunately, however, much fraud originates within the organization, and specialized cryptographic hardware can be required to protect against both insider and outsider data security threats. Well-designed hardware can do the following:

* ensure the security of cryptographic keys

* ensure the integrity of the cryptographic processes

* implement the key-management

The DES algorithm, which has been proven to be efficient and strong, is widely known; however, the keys must normally remain secret. Because the same key is used both to encipher and to decipher the data, the algorithm is said to be symmetric; it uses a symmetric key.

In another type of cryptographic process, an asymmetric process, one key is used to encipher the data, while a different but corresponding key is used to decipher the data to its original form. Such a process is known as a public-key system. The key that is used to encipher the data is widely known, but the corresponding key for deciphering the data is secret. For example, many people who know a person's public key can send enciphered data to that person confidentially, knowing that only the holder of the corresponding secret key can decipher it. Public-key cryptographic algorithms have also been used for assuring data integrity. These techniques are discussed in more detail in the Meyer & Matyas text.

Public-key algorithms use even more computer time than the DES algorithm. The use of a public-key system is, therefore, often restricted to situations in which the characteristics of a public-key system are needed.

In both the DES and RSA algorithms, no practical means exists to identify a cryptographic key; therefore, keeping a key secret at a cryptographic node is essential. In real systems, however, this often does not provide sufficient protection. If adversaries have access to the cryptographic process and to certain protected keys, they could possibly misuse them; therefore, key-management procedures must be in place to protect and distribute cryptographic keys in a secure manner.

Access control protects data by allowing only persons or programs with a legitimate need to access system resources, such as a file, or selected records or fields in a file. Access control uses the following services:

* Identification and verification. Identification names each user or program to the system. Verification is the ability to prove that users are what they claim to be. (Verification is also known as authentication.)

* Authorization. Authorization controls which users may access which data sets, programs, or transactions. (Authorization is also known as 'access control'.)

* Enforcement. Enforcement is a subsystem process of verifying the requester's authorization.

In systems that consist of multiple computers, it is increasingly necessary for persons or programs at one system to be able to convince persons or programs at another system that they are who they claim to be. Solutions to this problem involve the following:

* using local access controls

* using cryptographic processing to ensure the authenticity of a process

* ensuring that the authorization information is confidential

Many computer products and peripherals now have their own processing capability in the form of integrated microprocessors. These microprocessors use stored programs.

For example, the IBM 4755 Cryptographic Adapter is a device which includes a microprocessor, memory, and programming logic mounted on a printed circuit board. Functions are housed within a tamper-resistant module, or secured area, for protection, such as that discussed more fully in U.S. Pat. No. 5,027,397, which is specifically incorporated herein by reference. The IBM 4755 is a component of the IBM Transaction Security System, discussed in the IBM publication entitled "Transaction Security System: General Information Manual and Planning Guide" (GA34-2137-0), U.S. Pat. No. 5,048,085, and U.S. Pat. No. 5,148,481, which are specifically incorporated herein by reference.

Typically, two kinds of memory are associated with these microprocessors: permanent (unalterable or nonvolatile) memory for the program; and volatile memory for data used by the program. Permanent memory is typically Read Only Memory (ROM) or Programmable ROM (PROM). Volatile memory is typically a static or dynamic RAM, whose contents are lost when power is removed.

Newer technologies allow the designer to use memory which is nonvolatile and in which the data can be changed, but the contents are retained when the power is off. Several technologies can be used to obtain these characteristics. Flash EPROM (FEPROM) permits areas of memory to be erased electronically and then reprogrammed. Electrically Erasable PROM (EEPROM) permits individual bytes or bits to be rewritten much like RAM memory. Complementary Metal-Oxide Semiconductor (CMOS) RAM with battery back-up uses little power and retains RAM contents when system power is off.

These newer kinds of memory can be used in two ways to improve the value of the product.

First, if some or all of the microprocessor program is stored in nonvolatile, reprogrammable memory, the program can be changed after the product is manufactured. Thus, new features can be added in the field, which prevents product obsolescence.

Second, data stored in the memory can control the configuration of the product. One such use is to selectively enable or disable product features, so that one product can serve a variety of applications which need different features. Users can be charged for an upgrade to enable new features, which will be highly profitable to the manufacturer.

There are many circumstances which would make it advantageous to be able to apply an upgrade to only a subset of the total population of devices. The reason may be to prevent applying an upgrade that is incompatible with the underlying hardware or software. For example, the manufacturer may want to apply the update only to devices which have:

* a manufacture date within a particular range of dates

* a particular version of software installed

* a certain range of serial numbers

* a specific combination of features

It is easy to see why this kind of flexibility is desirable. There is one impediment to its use, however: security.



EP 0 706 275 A2



Both the manufacturer and user want to be sure they have control over programs that are loaded into the memory. The manufacturer may want to make sure only its programs are used, to ensure the programs meet quality and performance standards. The manufacturer may also want to conceal what the data is that is being sent to the user. The user, on the other hand, wants to make sure the programs in the devices are valid, and prevent any theft. An example of the threat would be a "Trojan horse" program which would normally operate correctly, but which would also act to circumvent the user's security practices, or to divulge the user's secret information.

Typically, there will be one source for all field upgrades to code or configuration data, although other scenarios are possible. For the purposes of discussion, assume that the device manufacturer is the only valid source of code or data updates, and the device is a security adapter.

The problem can then be described with two fundamental requirements:

First, data sent to the user must be kept secret. It must be impossible for anyone to discover or modify the contents of the data.

Second, the user must be able to verify that the data came from the valid source (e.g., the manufacturer). This is a form of nonrepudiation.

SUMMARY OF THE INVENTION 

The present invention overcomes the disadvantages of the prior art by providing an apparatus and method for secure distribution of software, software updates, and configuration data. Cryptography is used to protect software or data updates sent to computer products or peripherals using non-secure distribution channels. In the preferred embodiment the contents of the data cannot be read by anyone who obtains the data, and the data will not be accepted unless it is unmodified and originated with the valid source for such data.

An advantage of the invention is to provide an apparatus and method for secure distribution of software, software updates, and configuration data.

Another advantage of the invention is to provide an apparatus and method for securely controlling the configuration of a product so as to selectively enable or disable product features.

Yet another advantage of the invention is to provide an apparatus and method wherein data stored in memory controls the acceptance or rejection of data to be loaded.

The foregoing and other advantages will become apparent to those skilled in the relevant technology in view of the following description and drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram depicting a computer system wherein an enlargement of an embodiment of the invented apparatus is shown.

FIG. 2 is a block diagram of an embodiment of the invented apparatus for secure distribution of software, software updates, and configuration data employing public key cryptography.

FIG. 3 is a flowchart of an embodiment of the invented method for secure distribution of software, software updates, and configuration data employing public key cryptography.

FIG. 4 is a block diagram of an embodiment of the invented apparatus for secure distribution of software, software updates, and configuration data employing symmetric key cryptography.

FIG. 5 is a flowchart of an embodiment of the invented method for secure distribution of software, software updates, and configuration data employing symmetric key cryptography.

DESCRIPTION OF THE PREFERRED EMBODIMENT

Referring now to FIG. 1, a computer or computer system 10 is shown which includes a cryptographic system 12 comprising a microprocessor 14, memory 16, and cryptographic functions 18 mounted upon a device or adapter card 20. The microprocessor, memory, and cryptographic functions are housed within a secured area or module 22.

As shown in FIG. 2, a public key KPU is installed in the adapter card 20. Cryptographic system 12 includes the public key algorithm (e.g., RSA). The corresponding private key KPR would be held by, for example, the adapter card manufacturer, in a secure, secret manner so it would never be disclosed outside the manufacturer's organization. Preferably, the data is protected twofold:

First, as shown in FIG. 2, data D is encrypted by a public key cryptographic system 24 using the private key KPR, or as shown in FIG. 4, data is encrypted by a symmetric key cryptographic system 25 using the symmetric key KS. This provides the necessary secrecy, and any modification to the encrypted data will render it invalid.






Second, in FIGS. 2 and 4, a digital signature on the data is computed and sent to the adapter card users using a digital signature generator 26. This signature is verified before the data is accepted by the adapter card. The signature verification can be a component of cryptographic function 18 or a separate function. Cryptographic functions 18 include both a public key cryptographic system 18a and a symmetric cryptographic system 18b. A verified digital signature proves that the data has not been altered since its creation, and proves that it originated with the manufacturer.

Two embodiments of the invention are described below.

The first four steps in FIG. 3 are performed by the manufacturer, who sends the resulting data to the users. The remaining steps are performed by the user to load the data into the adapter card.

The manufacturer first generates the data to be loaded into the adapter cards in step 100. This data is designated D. The manufacturer already possesses private key KPR, and the corresponding public key KPU is in every adapter card manufactured. The key KPU may be embedded in the adapter card, or may be supplied on some other medium if it is protected against substitution (e.g., by a certification process). It does not need to be kept secret in order to maintain integrity of the loaded data.

In step 110, the manufacturer computes a digital signature on the data D using the private key KPR. The use of the digital signature is optional. Its use enhances the ability to prove the source of the data, but the data can be distributed successfully without a signature. The digital signature function is represented as dsig(). The signature will be verified before the data is accepted by the adapter card, assuring it came from the manufacturer in this example.

In step 120, the data D is encrypted using the private key algorithm with key KPR. This protects the data from disclosure or modification prior to its installation in the adapter card. The function pke() represents a public key algorithm, such as the RSA algorithm.

The manufacturer, in step 130, sends the encrypted data and the signature to the users through any convenient channel; diskettes, electronic mail, or any other medium is sufficient. The user receives this information, and loads the data and signature into the secured area of the adapter card in step 140.

In step 150, the adapter decrypts the data using the public key KPU, recovering the clear data D. Following this, in step 160, the digital signature is verified. If the signature verifies, the data is genuine and it can only have been created by the manufacturer, who holds the private key KPR. Once the data has been decrypted and its validity has been determined, the data is loaded to the nonvolatile memory in the adapter card, step 180; otherwise, the information is discarded, step 170.

Only the private key KPR needs to be kept secret. The public key KPU is present in every copy of the device, and there is no security exposure if its value is divulged. The value of the private key cannot be determined from the public key.



Alternatively, the data can be encrypted using a symmetric key algorithm instead of the public key algorithm used above. With current technology, symmetric key algorithms are generally faster to compute than public key algorithms, and a new symmetric key can be generated each time new data is produced.

As shown in step 200 of FIG. 5, the manufacturer generates the data D. In step 210, a random symmetric algorithm key designated KS is generated. The users do not have key KS, so the manufacturer must send it to them in a secure manner. In step 220, KS is encrypted with a public key algorithm using the private key KPR.

In step 230, the manufacturer computes a digital signature over the data D, and in step 240 the data is encrypted using the symmetric key algorithm with KS. The encrypted data se(D), the encrypted key pke(KS), and the signature dsig(D) are all sent to the user in step 250.

In step 260, the data is received at the user site where adapter cards are installed. The data is loaded into the secured area of the card, which contains the public key KPU. In step 270, KPU is used to decrypt the symmetric key KS using the public key algorithm. In step 280, the recovered KS is used to decrypt the data using the symmetric key algorithm.

In step 290, the digital signature is verified using KPU in order to verify the origin of the data. If the signature verifies, it means that both the data D and the key KS were valid; in this case, the data is loaded into the nonvolatile memory on the adapter card and enabled for use, step 310. Otherwise, the data is discarded, step 300. The signature calculation is preferably performed over the clear data D, which is recovered and verified.
With either method described above, other checking codes could be used. An MDC, cyclic redundancy check (CRC), or any other valid checking code could be calculated over the data and appended to the data before its encryption. After decryption, this value could be verified against the recovered data. If it verifies, the data is correct and originated with the holder of the private key KPR.
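The FIG. 5 sequence (steps 200 to 310), together with the appended checking code described in the preceding paragraph, written out as an added example. This is not code from the patent or from the IBM 4755 product. It uses constructed stand-ins for the real primitives: a textbook RSA key pair with small fixed primes in place of the manufacturer's RSA keys, an HMAC-SHA256 counter keystream in place of the DES step, and SHA-256 as the MDC. The function names manufacturer_package, adapter_load, rsa_blocks and sym_crypt are this example's own; pke(), se() and dsig() follow the figure's notation. Because KPU is present in every adapter card, the pke() layer by itself conceals the payload only from parties without KPU; it is the signature and the appended checking code that let the card reject a modified or corrupted update.

```python
"""Added example: the FIG. 5 flow (steps 200-310) with an MDC appended to D before
encryption. Constructed stand-ins: textbook RSA with small fixed primes instead of the
production RSA keys, an HMAC-SHA256 keystream instead of DES, SHA-256 as the MDC."""
import hashlib
import hmac
import secrets

# --- Constructed key material: textbook RSA, illustration only, NOT the patent's keys ---
_P, _Q = 104729, 1299709                  # small known primes, constructed for this example
_N = _P * _Q                              # modulus, a little under 2**37
_E = 65537
_D = pow(_E, -1, (_P - 1) * (_Q - 1))     # private exponent (Python 3.8+)
KPU = (_E, _N)                            # public key KPU, held by every adapter card
KPR = (_D, _N)                            # private key KPR, held only by the manufacturer
IN_BLOCK, OUT_BLOCK = 4, 5                # 4-byte plaintext blocks (< N) -> 5-byte ciphertext blocks
MDC_LEN = 32


def rsa_blocks(key, data, in_size, out_size):
    """Apply one RSA exponent block by block (the patent's pke() / dsig() layer).
    A corrupted ciphertext or signature block may decrypt to a value that does not
    fit out_size bytes; that surfaces as OverflowError and is handled by the caller."""
    exp, n = key
    if len(data) % in_size:
        raise ValueError("input is not a whole number of blocks")
    out = bytearray()
    for i in range(0, len(data), in_size):
        m = int.from_bytes(data[i:i + in_size], "big")
        out += pow(m, exp, n).to_bytes(out_size, "big")
    return bytes(out)


def sym_crypt(ks, data):
    """Symmetric stand-in for se(): XOR with an HMAC-SHA256 counter keystream.
    The same call encrypts and decrypts; KS is fresh for every update (step 210)."""
    out = bytearray()
    for block, i in enumerate(range(0, len(data), 32)):
        stream = hmac.new(ks, block.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], stream))
    return bytes(out)


def mdc(data):
    """Unkeyed modification detection code (SHA-256 standing in for the DES-based MDC)."""
    return hashlib.sha256(data).digest()


def manufacturer_package(data):
    """Steps 200-250 at the manufacturer: returns (se(D||MDC), pke(KS), dsig(D))."""
    ks = secrets.token_bytes(16)                                  # step 210: random KS
    pke_ks = rsa_blocks(KPR, ks, IN_BLOCK, OUT_BLOCK)             # step 220: KS under KPR
    dsig = rsa_blocks(KPR, mdc(data), IN_BLOCK, OUT_BLOCK)        # step 230: signature on D
    se_d = sym_crypt(ks, data + mdc(data))                        # step 240: D + checking code under KS
    return se_d, pke_ks, dsig                                     # step 250: ship over any channel


def adapter_load(se_d, pke_ks, dsig):
    """Steps 260-310 inside the secured area. Returns D when accepted, None when discarded."""
    try:
        ks = rsa_blocks(KPU, pke_ks, OUT_BLOCK, IN_BLOCK)          # step 270: recover KS with KPU
        plain = sym_crypt(ks, se_d)                                # step 280: recover D || MDC
        signed_digest = rsa_blocks(KPU, dsig, OUT_BLOCK, IN_BLOCK) # step 290: open dsig(D) with KPU
    except (OverflowError, ValueError):
        return None                                                # step 300: malformed, discard
    if len(plain) < MDC_LEN:
        return None
    data, appended_mdc = plain[:-MDC_LEN], plain[-MDC_LEN:]
    if not hmac.compare_digest(signed_digest, mdc(data)):          # signature must cover this D
        return None                                                # step 300: discard
    if not hmac.compare_digest(appended_mdc, mdc(data)):           # appended checking code
        return None
    return data                                                    # step 310: retain and enable
```

Both checks are evaluated against the recovered clear data, matching the text's preference for signing D itself; a single flipped bit anywhere in se(D), pke(KS) or dsig(D) leaves the card with a mismatch and the update is discarded rather than loaded.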

Use of information in the data as decision criteria

Once the data has been loaded into the adapter card, the decision of whether to permit the data to be employed can be made a function of information and/or instructions contained within the data itself.

In one embodiment, software contained in the device compares criteria information in the data with "basic information" already contained in the device. Examples of such basic information include:

* serial number

* model codes

* date of manufacture

* version of software currently installed

* codes describing installed or available features

The basic information in the device is stored in memory (including hardware registers, permanent software, or resident loadable software). The criteria information is preferably included in the data in tabular form, for example, as shown in FIG. 6. The data, and therefore the criteria information, is securely distributed in the manner described in the previous sections herein. Control software within the device examines this table and compares it to the appropriate basic information in order to decide whether to apply the data.

The pseudocode in Table 1 is an example of how the criteria information from the table would be processed. Each item in the table would be compared with the appropriate basic information contained in the device.
TABLE 1

Load_Permitted = FALSE;
If SN_Min <= SN <= SN_Max then Do;
  If DT_Min <= DT <= DT_Max then Do;
    If Min_HW_Lvl <= HW_Lvl <= Max_HW_Lvl then Do;
      If Min_SW_Lvl <= SW_Lvl <= Max_SW_Lvl then Do;
        Get Feature_Vector;
        If all Features_Required features are present then Do;
          If no Features_Prohibited features are present then Do;
            If Model_List is empty then Load_Permitted = TRUE;
            Else Do While Model_List not empty;
              Get Test_Model from head of Model_List;
              If Test_Model = model of this device
                then Load_Permitted = TRUE;
If Load_Permitted = TRUE then load data to memory;
Else Abort loading process;



* SN_Min and SN_Max are the lowest and highest serial numbers the device can have for the data to be valid. In the pseudocode in Table 1, the serial number for a specific device is designated SN.

* DT_Min and DT_Max are the earliest and latest dates the device can have for the data to be valid, e.g., the manufacturing date, the microcode creation date, or some other date code. Several different dates could be compared if desired. In the pseudocode in Table 1, the date code for a specific device is designated DT.

* Min_HW_Level and Max_HW_Level are the lowest and highest hardware levels the device can have for the data to be valid. This represents the version of hardware in the device. HW_Level is used in the pseudocode to represent a particular device's hardware level.

* Min_SW_Level and Max_SW_Level are the lowest and highest software levels the device can have for the data to be valid. This represents the version of software in the device prior to application of the data. SW_Level is used in the pseudocode to represent the particular device's software level.

* Features_Required and Features_Prohibited are vectors of boolean values. They represent the features the device must have for the data to be valid, and the features the device must not have for the data to be valid. In the pseudocode, Feature_Vector represents a vector of boolean values representing the features present in a specific device.

* Model_List is a list of product models which are valid targets for the data. An empty list can be used to indicate that the data is valid for all models. Otherwise, the device looks for its own model code in the list; if it is not present, the data will not be applied.
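The Table 1 checks as an added example in Python (not the patent's code). The field names follow the pseudocode; the feature vector is represented as the set of feature names present. The device record, the criteria values and the model codes "4755-L", "4755-M" and "4755-Z" are constructed for this example and are not taken from the patent.

```python
"""Added example: the Table 1 criteria check that control software in the device
would run before applying securely distributed data. Sample values are constructed."""
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class DeviceInfo:
    """Basic information held in the device: SN, DT, HW_Lvl, SW_Lvl, Feature_Vector, model."""
    sn: int
    dt: date
    hw_lvl: int
    sw_lvl: int
    features: frozenset          # names of the features present (the Feature_Vector)
    model: str


@dataclass(frozen=True)
class Criteria:
    """Criteria table carried inside the distributed data (the FIG. 6 table)."""
    sn_min: int
    sn_max: int
    dt_min: date
    dt_max: date
    min_hw_lvl: int
    max_hw_lvl: int
    min_sw_lvl: int
    max_sw_lvl: int
    features_required: frozenset = frozenset()
    features_prohibited: frozenset = frozenset()
    model_list: tuple = ()       # empty means the data is valid for all models


def load_permitted(c: Criteria, d: DeviceInfo) -> bool:
    """Return True only when every Table 1 test passes; any failing test aborts the load."""
    if not (c.sn_min <= d.sn <= c.sn_max):                # serial number range
        return False
    if not (c.dt_min <= d.dt <= c.dt_max):                # date code range
        return False
    if not (c.min_hw_lvl <= d.hw_lvl <= c.max_hw_lvl):    # hardware level range
        return False
    if not (c.min_sw_lvl <= d.sw_lvl <= c.max_sw_lvl):    # software level range
        return False
    if not c.features_required <= d.features:             # all required features present
        return False
    if c.features_prohibited & d.features:                # no prohibited feature present
        return False
    return not c.model_list or d.model in c.model_list    # Model_List empty, or this model listed


# Constructed sample: an update meant for a narrow slice of the installed base.
CRITERIA = Criteria(
    sn_min=1000, sn_max=1999,
    dt_min=date(1993, 1, 1), dt_max=date(1994, 6, 30),
    min_hw_lvl=2, max_hw_lvl=3,
    min_sw_lvl=10, max_sw_lvl=12,
    features_required=frozenset({"DES"}),
    features_prohibited=frozenset({"EXPORT_ONLY"}),
    model_list=("4755-L", "4755-M"),
)

TARGET = DeviceInfo(1500, date(1993, 9, 1), 3, 11, frozenset({"DES", "RSA"}), "4755-L")
WRONG_MODEL = DeviceInfo(1500, date(1993, 9, 1), 3, 11, frozenset({"DES"}), "4755-Z")
PROHIBITED = DeviceInfo(1500, date(1993, 9, 1), 3, 11, frozenset({"DES", "EXPORT_ONLY"}), "4755-L")
TOO_OLD_SW = DeviceInfo(1500, date(1993, 9, 1), 3, 9, frozenset({"DES"}), "4755-L")
```

The check runs on the recovered clear data, after the signature and checking code have already been verified; a criteria table that arrived unsigned would let anyone widen the target population.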


In an alternate embodiment, the data itself contains special software for checking whether the data should be applied. The data, and therefore the checking software, is securely distributed in the manner described in the previous sections herein. This checking software is not a part of the operational software used in the everyday application of the device. The additional checking software may be optional; if present, it is called by the control software which resides in the device, and it determines whether the data should be applied. It may also contain instructions to prepare the device for the new software or data contained in the data.



TABLE 2

If checking software present in the data then Do;
  Load checking software;
  Verify checking software is valid;
  Abort if invalid;
  Execute checking software;
  If result = "ok to load data" then Do;
    Get data;
    If data is valid
      Then load data to memory;
      Else abort;



This embodiment is more flexible, since the checks are not fixed by the initial device designers. Functions can be added with any data update, simply by changing the checking program.

In operation, the embodiment relies on control software permanently stored in the device, with additional functions contained in the checking software portion of the data.

The function performed by the checking software is completely up to the designer of that software. Its functions would typically be similar to those described for the first embodiment, but could include any checking or initialization deemed necessary by the designer.

A similar approach can be used to provide optional software that would be executed immediately after the data is loaded. This could perform initialization necessary to prepare the updated device for use.

Of course, many modifications and adaptations to the present invention could be made to advantage without departing from the spirit of the invention, and some features may be used without the corresponding use of other features. Accordingly, this description should be considered as merely illustrative of the principles of the present invention and not in limitation thereof.




executing a program which requires specific information to be stored in the memory to permit the use of specific features of the system; and

updating the specific information with data decrypted from encrypted data originating from another computer system.



2. The controlling method of item 1 including the additional steps of:

encrypting the data at the other computer system under a first key of a public key encryption system; and
decrypting the data within the secured area with a second key of the public key encryption system.

3. The controlling method of item 2 including the additional steps of:
generating a symmetric key for use with a symmetric cryptography algorithm;
encrypting the data under the generated symmetric key;
encrypting the generated symmetric key under a first key of a public key encryption system;

transferring the encrypted data and the encrypted symmetric key to a processing system which is located within the secured area;

decrypting the received symmetric key within the secured area with a second key of the public key encryption system;

decrypting the received data within the secured area under the decrypted symmetric key with the symmetric cryptography algorithm; and

storing the decrypted data in said memory.

4. The loading method of item 3 wherein

the first key is a private key used with said public key encryption system.

5. The loading method of item 3 or 4 wherein

the second key is a public key used with said public key encryption system.

6. The controlling method of one of items 1 to 5 wherein

the executed program is included in the data originating from the other computer system.

7. The controlling method of one of items 1 to 6 wherein the specific information includes at least one of the following:

serial number of the computer system;

model number of the computer system;

date of manufacture of the computer system;

version of software currently installed in the computer system; and

codes describing installed or available features.

8. The controlling method of one of items 1 to 7 wherein 

the features of the system are related to software updates included in the data originating from the other computer 
system. 

9. A method of securely controlling the enablement of data loaded in memory within a secured area of a device, said method including the steps of:

providing information within said memory representing at least one characteristic related to said device;

providing criteria information within said data to be compared with said at least one characteristic;

comparing said criteria information with said at least one characteristic; and

enabling said data to be used within said device if said at least one characteristic meets said criteria information.

10. The controlling method of item 9, wherein

at least some portion of said comparing steps is performed

11. The controlling method of item 9 or 10, wherein said characteristic information includes at least one of the following:

serial number of the device;
model number of the device;

version of software currently installed in the device; and

codes describing installed or available features.



1. A method of transferring data into a secured area, said method including the steps of:
encrypting (120) said data under a first key of a public key encryption system (24);

transferring (130) said encrypted data to a processing system which is located within said secured area;
decrypting (150) said received data within said secured area with said public key encryption system (24) under a second key; and

storing said decrypted data within said secured area.

2. The method of claim 1, wherein

said transferring data into a secured area is a loading of data into at least some portion of memory which is located within said secured area, and
said secured area is protected from physical and direct electrical access, thereby guarding against undesired detection of said transferred data.

3. A method of loading data into at least some portion of memory which is located within a secured area which is protected from physical and direct electrical access, thereby guarding against undesired detection of said loaded data, said method including the steps of:

generating (210) a symmetric key (Ks) for use with a symmetric cryptography algorithm;
encrypting (240) said data under said generated symmetric key (Ks);

encrypting (220) said generated symmetric key (Ks) under a first key of a public key (Kpu) encryption system;
transferring (250) said encrypted data and said encrypted symmetric key (Ks) to a processing system which is located within said secured area;

decrypting (270) said received symmetric key (Ks) within said secured area with a second key of said public key (Kpu) encryption system;

decrypting (280) said received data within said secured area with said decrypted symmetric key (Ks) with a symmetric cryptography algorithm; and

storing said decrypted data into said at least some portion of memory.

4. The method of one of claims 1 to 3, wherein

said first key is a private key (Kpr) used with said public key (Kpu) encryption system.

5. The method of one of claims 1 to 4, wherein

said second key is a public key (Kpu) used with said public key (Kpu) encryption system.

6. The method of one of claims 1 to 5, wherein

said public key (Kpu) is stored within said secured area.

7. The method of one of claims 1 to 6 further including the step of:
adding a code to said encrypted data for authenticating said encrypted data.

8. The method of claim 7 wherein

said code is selected from the group consisting of a digital signature, a modification detection code (MDC), and a cyclic redundancy check (CRC).

9. The method of claim 7 or 8 further including the steps of:
authenticating said decrypted data; and

enabling said decrypted data to be used if said decrypted data is authentic; otherwise, not enabling said decrypted data.


10. A system for securely holding data, said system comprising:

memory means located within a secured area which is protected from physical and direct electrical access;
means for providing a public key (Kpu) within said secured area;
means within said secured area for receiving data;

means within said secured area for decrypting (150) said received data with said public key (Kpu).

11. The system of claim 10 wherein

said decrypted data provides a symmetric key (Ks).

12. The system of claim 11 including:

means within said secured area for receiving data encrypted by a symmetric algorithm under said symmetric key (Ks);

means for decrypting (280) said data under said symmetric key (Ks) provided by said decryption under said public key (Kpu); and

means for storing said symmetric key decrypted data in said memory means.

13. The system of one of claims 10 to 12 further including

means for analyzing a code received by said system to authenticate said data received.

14. The system of claim 13, wherein

said code is selected from the group consisting of a digital signature, a modification detection code (MDC), and a cyclic redundancy check (CRC).

15. A method of securely controlling the configuration of a computer system (10) so that features of said system may be conveniently enabled or disabled, said method including the steps of:

providing memory which is located within a secured area which is protected from physical and direct electrical access;

executing a program which requires specific information to be stored in said memory to permit the use of specific features of said system; and

updating said specific information with data decrypted from encrypted data originating from another computer system.

16. A method of securely controlling the enablement of data loaded in memory within a secured area of a device, said method including the steps of:

providing information within said memory representing at least one characteristic related to said device;
providing criteria information within said data to be compared with said at least one characteristic;
comparing said criteria information with said at least one characteristic; and

enabling said data to be used within said device if said at least one characteristic meets said criteria information.
FIG. 1, FIG. 3 and FIG. 5 (drawings; only the box labels of the FIG. 5 flowchart survive extraction):

200 GENERATE DIGITAL INFORMATION (D)
210 GENERATE SYMMETRIC KEY (Ks)
220 ENCRYPT Ks WITH Kpr
230 GENERATE DIGITAL SIGNATURE dsig(D)
240 ENCRYPT D WITH Ks
250 TRANSFER se(D), pke(Ks), AND dsig(D) TO USERS
260 RECEIVE AND LOAD TO SECURITY CARD
270 DECRYPT pke(Ks) WITH Kpu
280 DECRYPT se(D) WITH Ks
290 DIGITAL SIGNATURE VERIFIED? (NO: 300 DISCARD INFORMATION; YES: 310 RETAIN INFORMATION)

A further drawing page (a rotated table; no legible content survives extraction).